<?php
require_once(dirname(__FILE__)."/config.php");
if(empty($dopost))
{
	$dopost = '';
}
if(empty($fmdo))
{
	$fmdo = '';
}

//用户登录
//把登录密码转为指定长度md5数据
function GetEncodePwd($pwd)
{
	global $cfg_mb_pwdtype;
	if(empty($cfg_mb_pwdtype)) $cfg_mb_pwdtype = '32';
	switch($cfg_mb_pwdtype)
	{
		case 'l16':
			return substr(md5($pwd), 0, 16);
		case 'r16':
			return substr(md5($pwd), 16, 16);
		case 'm16':
			return substr(md5($pwd), 8, 16);
		default:
			return md5($pwd);
	}
}

//把数据库密码转为特定长度
//如果数据库密码是明文的，本程序不支持
function GetShortPwd($dbpwd)
{
	global $cfg_mb_pwdtype;
	if(empty($cfg_mb_pwdtype)) $cfg_mb_pwdtype = '32';
	$dbpwd = trim($dbpwd);
	if(strlen($dbpwd)==16)
	{
		return $dbpwd;
	}
	else
	{
		switch($cfg_mb_pwdtype)
		{
			case 'l16':
				return substr($dbpwd, 0, 16);
			case 'r16':
				return substr($dbpwd, 16, 16);
			case 'm16':
				return substr($dbpwd, 8, 16);
			default:
				return $dbpwd;
		}
	}
}

/*********************
function Case_user()
*******************/
if($fmdo=='user')
{

	//检查用户名是否存在
	if($dopost=="checkuser")
	{
		AjaxHead();
		$msg = '';
		$uid = trim($uid);
		if($cktype==0)
		{
			$msgtitle='用户昵称';
		}
		else
		{
			$msgtitle='用户名';
		}
		$msg = CheckUserID($uid,$msgtitle);
		if($msg=='ok')
		{
			$msg = "<font color='#4E7504'><b>√{$msgtitle}可以使用</b></font>";
		}
		else
		{
			$msg = "<font color='red'><b>×{$msg}</b></font>";
		}
		echo $msg;
		exit();
	}

	//检查email是否存在
	else  if($dopost=="checkmail")
	{
		AjaxHead();
		if($cfg_md_mailtest=='N')
		{
			$msg = "<font color='#4E7504'><b>√可以使用</b></font>";
		}
		else
		{
			$row = $dsql->GetOne("Select mid From `#@__member` where email like '$email' limit 1");
			if(!is_array($row))
			{
				$msg = "<font color='#4E7504'><b>√可以使用</b></font>";
			}
			else
			{
				$msg = "<font color='red'><b>×Email已经被另一个帐号占用！</b></font>";
			}
		}
		echo $msg;
		exit();
	}

	//引入注册页面
	else if($dopost=="regnew")
	{

		require_once(dirname(__FILE__)."/reg_new.php");
		exit();
	}

	//申请升级
	else if($dopost=="uprank")
	{
		CheckRank();
		if(empty($uptype))
		{
			ShowMsg("数据无效！","-1");
			exit();
		}
		$uptype = GetAlabNum($uptype);
		if($uptype < $cfg_ml->M_Rank)
		{
			ShowMsg("类型不对，你的级别比你目前申请的级别还要高！","-1");
			exit();
		}
		$dsql->SetQuery("update `#@__member` set `uprank`='$uptype' where mid='".$cfg_ml->M_ID."' ");
		$dsql->Execute();
		ShowMsg("成功申请升级，请等待管理员开通！","index.php?".time());
		exit();
	}
	

  /***************************
  //积分换金币
  function money2s() {  }
  ***************************/
	else if($dopost=="money2s")
	{
		CheckRank();
		if($cfg_money_scores==0)
		{
			ShowMsg('系统禁用了积分与金币兑换功能！', '-1');
			exit();
		}
		$money = empty($money) ? 0 : intval($money);
		if(empty($money))
		{
			ShowMsg('你没指定要兑换多少金币！', '-1');
			exit();
		}
		
		$needscores = $money * $cfg_money_scores;
		if($cfg_ml->fields['scores'] < $needscores )
		{
			ShowMsg('你你积分不足，不能换取这么多的金币！', '-1');
			exit();
		}
		$litmitscores = $cfg_ml->fields['scores'] - $needscores;
		
		//保存记录
		$mtime = time();
		$inquery = "INSERT INTO `#@__member_operation`(`buyid` , `pname` , `product` , `money` , `mtime` , `pid` , `mid` , `sta` ,`oldinfo`)
   		VALUES ('ScoresToMoney', '积分换金币操作', 'stc' , '0' , '$mtime' , '0' , '{$cfg_ml->M_ID}' , '0' , '用 {$needscores} 积分兑了换金币：{$money} 个'); ";
		$dsql->ExecuteNoneQuery($inquery);
		//修改积分与金币值
		$dsql->ExecuteNoneQuery("update `#@__member` set `scores`=$litmitscores, money= money + $money  where mid='".$cfg_ml->M_ID."' ");
		ShowMsg('成功兑换指定量的金币！', 'operation.php');
		exit();
	}


}

/*********************
function login()
*******************/
else if($fmdo=='login')
{

	//用户登录
	if($dopost=="login")
	{
		if(!isset($vdcode))
		{
			$vdcode = '';
		}
		//$svali = GetCkVdValue();
		//if(strtolower($vdcode)!=$svali || $svali=='')
		//{
			//ResetVdValue();
			//ShowMsg("验证码错误！","-1");
			//exit();
		//}
		
		#api{{
		if(defined('PP_API'))
		{
			if(PP_OPEN && PP_TYPE == 'client')
			{
				$row = $dsql->GetOne("SELECT `mid`,`userid`,`pwd` FROM #@__member WHERE userid='$userid'");
				if(is_array($row))
				{
					//if(md5($pwd)!=$row['pwd'])
					if(GetShortPwd($row['pwd']) != GetEncodePwd($pwd))
					{
						ShowMsg("密码错误！","-1",0,2000); exit();
					}
					//记录登录信息
					WriteLoginLog($userid);
					$cfg_ml->PutLoginInfo($row['mid']);
					include_once RSMSROOT.'/api/client.php';
					$api = new passport();
					$api->login($userid,$pwd);
				}else{
					ShowMsg("用户名不存在！","-1",0,2000); exit();
				}
			}
			elseif(PP_OPEN && PP_TYPE == 'server')
			{
				ShowMsg("系统开启了通行证,请到通行证页面登录！",PP_API.PP_LOGIN); exit();
			}
		}
		#/aip}}		
		
		if(CheckUserID($userid,'',false)!='ok')
		{
			ShowMsg("你输入的用户名 {$userid} 不合法！","-1");
			exit();
		}
		if($pwd=='')
		{
			ShowMsg("密码不能为空！","-1",0,2000);
			exit();
		}

		//检查帐号
		$rs = $cfg_ml->CheckUser($userid,$pwd);
		if($rs==0)
		{
			ShowMsg("用户名不存在！","-1",0,2000);
			exit();
		}
		else if($rs==-1) {
			ShowMsg("密码错误！","-1",0,2000);
			exit();
		}
		else if($rs==-2) {
			ShowMsg("管理员帐号不允许从前台登录！","-1",0,2000);
			exit();
		}
		else
		{
			//记录登录信息
			WriteLoginLog($userid);
			#api{{
			if(defined('PP_API'))
			{
				if(PP_OPEN && PP_TYPE == 'client')
				{
					include_once RSMSROOT.'/api/client.php';
					$api = new passport();
					$api->login($userid,$pwd);
				}
			}
			#/aip}}
						
			if(empty($gourl) || eregi("action|_do",$gourl))
			{
				ShowMsg("成功登录，5秒钟后转向系统主页...","/plus/list.php?tid=1",0,2000);
			}
			else
			{
				ShowMsg("成功登录，现在转向指定页面...",$gourl,0,2000);
			}
			exit();
		}
	}

	//退出登录
	else if($dopost=="exit")
	{
		$cfg_ml->ExitCookie();
		
		#api{{
		if(defined('PP_API'))
		{
			if(PP_OPEN && PP_TYPE == 'client')
			{
				include_once RSMSROOT.'/api/client.php';
				$api = new passport();				
				$api->logout();
			}
			elseif(PP_OPEN && PP_TYPE == 'server')
			{
				header("Location: ".PP_API.PP_LOGOUT); exit();
			}
		}
		#/aip}}
		
		ShowMsg("成功退出登录！","index.php",0,2000);
		exit();
	}
}
else
{
	ShowMsg("本页面禁止返回!","index.php");
}

?>